By VERA Files
IF you’re a Filipino registered voter, chances are your personal data, including fingerprint, street address, precinct number and passport information, are now floating online.
These data can be accessed through a search engine, wehaveyourdata.com. Hacktivist group LulzSec Pilipinas said it owns the website.
The group also claimed responsibility for defacing the official website of the Commission on Elections on March 27.
Anyone who has Internet access can now stalk a person, including their house number, only by typing in their full name into the search engine.
Worse, even if the website is not taken down, the full data could be downloaded via a torrent link, which, according to LulzSec Pilipinas’ Facebook page, has been hosted since March 28.
In a statement tweeted by ABS-CBN News, Comelec spokesperson James Jimenez said the National Bureau Investigation (NBI) is looking into the website and investigating the matter.
He said the Comelec is yet to verify the accuracy of the data posted.
“In the meantime that they have not furnished us a copy of their findings, we advise the public not to use the hacker website as it can be used by the hackers to steal your information and thus expose you even further to the dangers of identity theft,” Jimenez said.
“We also cannot rule out at this stage that this may be attempt by the hackers to monetize the data they claim to have,” he added.
Yesterday, poll chief Andres Bautista himself confirmed that the suspected hacker is already under the custody of the National Bureau of Investigation, based on reports.
“I told him and assured him that all security features stated in the automated election law will be implemented in the 2016 elections. I told him he did not need to do the hacking,” Bautista told reporters.
But the database proves otherwise.
Initial investigation by Trend Micro, a security intelligence blog, said this crucial government data is just rendered in plain text and accessible to everyone.
“Interestingly, we also found a whopping 15.8 million record of fingerprints and list of peoples running for office since the 2010 elections,” Trend Micro said in a report.
Divided by the total number of registered voters, there is a 1 in 3 chance that a voter’s fingerprint is there.
Comelec earlier downplayed the gravity of the issue, saying no crucial information has been leaked.
But the data spill has been dubbed by security researchers as the biggest government-related breach in history.
“Hackers just hack and download data from websites, but we make it accessible for anyone,” LulzSec Pilipinas said on the website.
“It is one thing to hear about a huge data leak and other to see your data in a public website. Maybe, at least now, government will start thinking about security of citizen’s personal data,” a member of LulzSec added.
